Good afternoon,
We have a service provider with whom were trying to set up SAML 1.1 SSO to our CAS server. After a lot of going back and forth, weve reached a point where they finally can validate the SAML artifact and get a response from /samlValidate (we knew it worked on our end since we have other apps using SAML). Now they say that they cant process the SAML assertion in the response since CAS sends it using the saml1p namespace, while their code expects samlp. Now, this leads me to believe that theyre not using a standard XML parser but instead hacked a custom parser. Before I go and tell them to fix their parser, Id like to see if I can do something easy on my end to make CAS spit out a different namespace in the assertion. I noticed that the namespace comes from the SAMLConstants class in the OpenSAML jar, however I cannot yet figure out how it gets to CAS my guess is in AbstractSaml10ResponseView.java through the OpenSAML Response class. Will any of this be worthwhile? Im not sure its recommended its set as a constant in OpenSAML for a reason, I suppose. Id like to tell the service provider to fix their code, which theyve already done for other things (e.g., overloading the TARGET parameter for something unrelated to SAML). What would you suggest? Thanks in advance, -- Carlos M. Fernández Enterprise Systems Manager Saint Josephs University Philadelphia PA 19131 T: +1 610 660 1501 -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
